China is likely stockpiling and deploying vulnerabilities, says Microsoft
Credit:
Wikipedia
Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities.
China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information.
A year later, researchers from the Atlantic Council found there was a decrease in reported vulnerabilities coming from China – and an increase in anonymous reports. Microsoft's 2022 Digital Defense Report, released last Friday, asserts the Chinese law "might" be enabling the Chinese government to weaponize the vulnerabilities.